Security News

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users.

Not on 5.1.1? You should be A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or...

In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high.

Patches released by Rockwell Automation for its RSLinx Classic software address a critical vulnerability that can be exploited for denial-of-service (DoS) attacks and possibly for remote code...

Last week's disclosures are now this week's live attacks Just days after a remote code execution flaw in open-source web publishing software Drupal was made public, researchers have already...

Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on vulnerable Drupal websites that have not yet applied...

A vulnerability patched recently in the Drupal content management system (CMS) has been exploited in the wild to deliver cryptocurrency miners and other payloads. The attacks started just three...

Admins should update immediately to fix a remote code-execution vulnerability.

A new Drupalgeddon might be brewing: a highly critical vulnerability affecting all versions of the popular content management framework could allow hackers to take over vulnerable Drupal...